2 months ago
Hello,
I hope you're well.
"My FastAPI website is creating URLs with http instead of https, the domain is working fine on https and we have proxy on to force https but it seems some issue here on railway".
I'm getting the following error on multiple pages on my site:
menus:1 Mixed Content: The page at 'https://meuse-pre-orders-qa-testing.up.railway.app/menus' was loaded over HTTPS, but requested an insecure script 'http://meuse-pre-orders-qa-testing.up.railway.app/static/assets/js/bs-init.js'. This request has been blocked; the content must be served over HTTPS.
Thank you
11 Replies
2 months ago
This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.
Status changed to Open brody • 3 months ago
2 months ago
Your FastAPI app is probably building links with http instead of https. Even with a proxy, the browser blocks this as mixed content.
You can fix it by starting Uvicorn like this:
uvicorn.run(app, host="0.0.0.0", port=port, proxy_headers=True, forwarded_allow_ips="*")
This makes FastAPI pick up the original https from Railway’s proxy.
Also check if you’re hardcoding http anywhere in your templates or scripts. Change those to use https or relative paths.
2 months ago
Since your site is behind a railway proxy, you need to get fastAPI to trust the X-Forwarded-Proto header.
Try this: uvicorn main:app --proxy-headers --forwarded-allow-ips="*"
windspore
Your FastAPI app is probably building links with http instead of https. Even with a proxy, the browser blocks this as mixed content.You can fix it by starting Uvicorn like this:uvicorn.run(app, host="0.0.0.0", port=port, proxy_headers=True, forwarded_allow_ips="*")This makes FastAPI pick up the original https from Railway’s proxy.Also check if you’re hardcoding http anywhere in your templates or scripts. Change those to use https or relative paths.
2 months ago
Hi Windspore, thanks for your message. I will get our dev to implement your suggestion. Thank you
idiegea21
Since your site is behind a railway proxy, you need to get fastAPI to trust the X-Forwarded-Proto header.Try this: uvicorn main:app --proxy-headers --forwarded-allow-ips="*"
2 months ago
Hi idiegea21, thanks for your message. I will get our dev to implement your suggestion. Thank you
2 months ago
What they have said this is happening due to the script being http instead of https. If the dev team is still running into errors share more about your set up
2 months ago
Are you using Jinja or another template engine? If the urls are generated there it will need to be correctly configured
sim
What they have said this is happening due to the script being http instead of https. If the dev team is still running into errors share more about your set up
2 months ago
Hi Sim, thanks for you're message. Still waiting for my Dev to get back to me. I'll keep you posted. Thank you.
sim
Are you using Jinja or another template engine? If the urls are generated there it will need to be correctly configured
2 months ago
We are using bootstrap
windspore
Your FastAPI app is probably building links with http instead of https. Even with a proxy, the browser blocks this as mixed content.You can fix it by starting Uvicorn like this:uvicorn.run(app, host="0.0.0.0", port=port, proxy_headers=True, forwarded_allow_ips="*")This makes FastAPI pick up the original https from Railway’s proxy.Also check if you’re hardcoding http anywhere in your templates or scripts. Change those to use https or relative paths.
2 months ago
Thanks for the advice, I think it worked. Thank you so much.
idiegea21
Since your site is behind a railway proxy, you need to get fastAPI to trust the X-Forwarded-Proto header.Try this: uvicorn main:app --proxy-headers --forwarded-allow-ips="*"
2 months ago
Thanks for the advice, I think it worked. Thank you so much.
sim
What they have said this is happening due to the script being http instead of https. If the dev team is still running into errors share more about your set up
2 months ago
Thanks for the advice, I think it worked. Thank you so much.
Status changed to Solved ameuseme • 2 months ago